Purveyors of spyware and adware will try to take advantage of well known programs, illegitimately bundling their software into the install of the popular software. These programs are also commonly referred to as Potentially Unwanted Programs (PUPs) whose content is not necessarily malicious, but is almost never wanted by the user. These types of software are often used to collect information about the user without the users’ knowledge or consent.
The latest example is found on the fake Firefox download site below. The page is cleverly disguised with the appearance of a legitimate Firefox download site and could easily fool many users hoping to upgrade.
Taking a closer look reveals clues to the fraudulent page. While the page advertises version 3.5 the newest version is actually 3.6. There are also misspellings such as “Anti-Pishing” in the title of the security section.
Victims of this scam install the “Hotbar” toolbar by Pinball Corp, formerly Zango. Not only are users subject to the annoying toolbar, they're also barraged with pop-up ads and host to a new Hotbar weather application running in the system tray.
It should be noted that the owner of the fake Firefox site above is most likely not associated with Pinball Corp and only using its pay-per-install ad network for fast cash. Pay-per-install affiliate programs reward referring sites that generate installs of their programs, with Pinball paying as high as $1.45 per install.
Always take caution installing any software and ensure the software is downloaded directly from the publisher whenever possible. Users looking to upgrade Firefox should go to the real download site at http://getfirefox.com.
Blocking the Spyware and Malicious Sites category protects eSoft SiteFilter customers from this site and others like it.